Hi @Samuele_Lolli, @Badger, @leandrojmp, @carly.richmond
I am trying to use the salesforce input plugin in one of the pipeline on my logstash server. However I am getting an error saying 'Authentication Failure 400'.
Logstash Server - Windows 2019
Logstash version - 8.11.1
input {
salesforce {
client_id => "abcderfgh" #got this from connected app
client_secret => "ijklmn" #got this from connected app
username => "mohammedshaikh@clientname.com.preprod" #using this to login to SF application
password => "strongpassword" #in stackoverflow i read that the password shouldnt have special characters, so my password doesnt contain a special character
security_token => "token" #got this by resetting my security token in salesforce
sfdc_object_name => "EventLogFile"
}
}
output {
stdout {
codec => rubydebug
}
}
#Error while running the logstash on command line
> bin\logstash -f "path_to_conf_file_of_above_pipeline"
Error logs:
[2024-08-23T05:42:49,700][ERROR][logstash.javapipeline ][main] Pipeline error {:pipeline_id=>"main", :exception=>#<Restforce::AuthenticationError: invalid_grant: authentication failure (400)
[2024-08-23T05:42:49,705][ERROR][logstash.agent ] Failed to execute action {:id=>:main, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action: PipelineAction::Create<main>, action_result: false", :backtrace=>nil}
Also, I cross checked and configured the below three settings in my salesforce intsance:
- Set permitted users to all users may self-authorize (Apps -> Manage Connected Apps -> (The name of my app) -> Edit Application -> OAuth Polices Then set "Permitted users" to "All users may self-authorize")
- Relaxed IP restrictions (Manage Apps -> Connected Apps -> (The name of my app) Then set "IP Relaxation" to "Relax IP restrictions".)
- Enabled OAUTH setting
Below are the things I mentioned while creating the connected app:
Name: "Logstash_SF"
Contactemail: "my email id"
Call back URL: "https://clientname--preprod.sandbox.my.salesforce.com"
Require Proof Key for Code Exchange (PKCE) Extension for Supported Authorization Flows: ✅
Require Secret for Web Server Flow: ✅
Require Secret for Refresh Token Flow: ✅
PS: I have tried hitting this API and it was working fine with the clienti id, client secret, username and password which i using for the pipeline "https://clientname--preprod.sandbox.my.salesforce.com/services/oauth2/token"
Could anyone please help me in this
Thanks in advance!